GCVE - cpe:2.3:a:python:virtualenv:1.4.7:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:python:virtualenv:1.4.7:*:*:*:*:*:*:*

part: a version: 1.4.7 update: *

Vendor	Python (`b57ad93a-6195-5192-9423-6cfad6044a8b`)
Product	Virtualenv (`b0167ebb-a52e-5178-9698-fa6bdf362f01`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/pypa/virtualenv`	purl2cpe	2026-06-01 10:16:29.063585
`pkg:golang/github.com/pypa/virtualenv`	purl2cpe	2026-06-01 10:16:29.063587
`pkg:pypi/virtualenv`	purl2cpe	2026-06-01 10:16:29.063588

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2011-4617`	vulnerable	2026-06-03 14:31:25.693898	Details available virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/. Published: 2011-12-31T01:00:00.000Z Updated: 2024-08-07T00:09:19.492Z Open on db.gcve.eu Reference links http://secunia.com/advisories/47240 https://bitbucket.org/ianb/virtualenv/changeset/8be37c509fe5 http://openwall.com/lists/oss-security/2011/12/19/4 http://openwall.com/lists/oss-security/2011/12/19/2 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071638.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.